[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Is our revprop auth policy too strict?

From: Michael Sinz <Michael.Sinz_at_sinz.org>
Date: 2007-05-21 12:05:41 CEST

Malcolm Rowe wrote:
> On Fri, May 18, 2007 at 04:09:04PM -0400, C. Michael Pilato wrote:
>> "partial" is treated just like "no" access -- in other words, the user can
>> read svn:author and svn:date, but can't change them. That seemed odd to me
>> (and to sussman, when I raise the question elsewhere).
>>
>> Is there a compelling reason to prevent a partial-access-granted user from
>> changing the two properties he's allowed to see?
>>
>
> Not that I can think of. +1 for symmetry.

I wonder if this is correct. Just because you can see part of the commit
information, does that mean it is safe or correct to be able to change it?
Given that the user can not access all of the commit information, I would
think it is improper to allow changes to even those values that can be seen.
After all, it may be very incorrect.

I would say that if you are doing this tight level of access control then
that a revision that a use does not have access to all elements of it should
be "read-only" by definition.

At least that is how I see this. I can not come up with a scenario where
someone who does not have rights to all of the revision should have any reason
or rights to change any part of the revprop - even those that they can see.

PS - even in the repositories where we have this tight security, I have not
seen even one commit that crosses boundaries. This is, most likely, due to
the fact that very few people have rights across boundaries, but even those
that do have never caused such a commit.

-- 
Michael Sinz                     Technology and Engineering Director/Consultant
"Starting Startups"                                mailto:michael.sinz@sinz.org
My place on the web                            http://www.sinz.org/Michael.Sinz
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Mon May 21 12:06:24 2007

This is an archived mail posted to the Subversion Dev mailing list.